<?php
/* 
	This file is Copyright Matthew Wilkinson 2009.
	
	This file is part of Oxygen.

	Oxygen is free software: you can redistribute it and/or modify
	it under the terms of the GNU General Public License version 3 as published by
	the Free Software Foundation at http://www.gnu.org/licenses/gpl-3.0.html

	Oxygen is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

*/

Final Class Input
	{
	private static $GET = Array();
	public static function GET($key)
		{
		self::_construct();
		if (isset(self::$GET[$key]))
			{
			return self::$GET[$key];
			}
		else
			{
			return null;
			}
		}
	
	private static $POST = Array();
	public static function POST($key)
		{
		self::_construct();
		if (isset(self::$POST[$key]))
			{
			return self::$POST[$key];
			}
		else
			{
			return null;
			}
		}
	
	private static $COOKIE = Array();
	public static function COOKIE($key)
		{
		self::_construct();
		if (isset(self::$COOKIE[$key]))
			{
			return self::$COOKIE[$key];
			}
		else
			{
			return null;
			}
		}
	
	private static $SERVER = Array();	
	public static function SERVER($key)
		{
		self::_construct();
		if (isset(self::$SERVER[$key]))
			{
			return self::$SERVER[$key];
			}
		else
			{
			return null;
			}
		}
	
	private static $ENV = Array();
	private function ENV($key)
		{
		self::_construct();
		if (isset(self::$ENV[$key]))
			{
			return self::$ENV[$key];
			}
		else
			{
			return null;
			}
		}
	
	private static $lang = null;
	public static function lang()
		{
		self::_construct();
		return self::$lang;
		}
	
	private static $components = Array();
	
	private static $constructed = FALSE;	
	public static function _construct()
		{
		if (self::$constructed)
			{
			return;
			}
		else
			{
			self::$constructed = TRUE;
			}
		
		/* Process GET, POST, COOKIE, SERVER and ENV
		We need to undo magic_quotes_gpc if set and we need to get raw GPC from filter_input in case filter.default is set */
		
		// In PHP 6, magic_quotes is removed entirely, so we should first check if magic_quotes actually still exists.
		if (function_exists('set_magic_quotes_runtime') AND get_magic_quotes_runtime() == TRUE) { set_magic_quotes_runtime(FALSE); }
		
		self::$GET = filter_input_array(INPUT_GET, FILTER_UNSAFE_RAW);
		self::$GET = (self::$GET == null?Array():self::$GET);
		self::$POST = filter_input_array(INPUT_POST, FILTER_UNSAFE_RAW);
		self::$POST = (self::$POST == null?Array():self::$POST);
		self::$COOKIE = filter_input_array(INPUT_COOKIE, FILTER_UNSAFE_RAW);
		self::$COOKIE = (self::$COOKIE == null?Array():self::$COOKIE);
		self::$SERVER = filter_input_array(INPUT_SERVER, FILTER_UNSAFE_RAW);
		self::$SERVER = (self::$SERVER == null?Array():self::$SERVER);
		self::$ENV = filter_input_array(INPUT_ENV, FILTER_UNSAFE_RAW);
		self::$ENV = (self::$ENV == null?Array():self::$ENV);
		
		/* For all browser supplied data we make sure that only alphanumeric characters and underscore and dash can be passed - this also haas the effect of both removing the effect of magic_quotes, but also getting rid of quotes themselves.
		   For POST data, we check which fields should be "raw". Any field that starts with an underscore will provided raw. */
		/* All HTTP_* keys in $_SERVER are actually HTTP Headers, so cannot be trusted, as they are provided by the browser. Not quite sure what to do with it atm though :P */
		foreach (self::$GET as $key=>$value)
			{
			self::$GET[$key] = Security::string($value);
			}
		foreach (self::$POST as $key=>$value)
			{
			if (strpos($key, '_') !== 0)
				{
				self::$POST[$key] = Security::string($value);
				}
			elseif (function_exists('get_magic_quotes_gpc') AND get_magic_quotes_gpc() === 1)
				{
				self::$POST[$key] = stripslashes(self::$POST[$key]);
				}
			}
		foreach (self::$COOKIE as $key=>$value)
			{
			self::$COOKIE[$key] = Security::string($value);
			}
		}
	
	}